Listing of the Claims 



1. (Currently amended) A method comprising: 

generating session information at tbe-a_control node in response to a 
request from a client to access a system node and sending the session 
information to the client, the system node, and a data node if the client and 
system node satisfy at least one condition for accessing each other; 

receiving at the data node a request from the client to access the system 
node and a request from the system node to access the client; and 

establishing a first secure authenticated connection between the client 
and the system node via the data node based at least in part on the session 
information. 

2. (Previously presented) The method of claim 1, further comprising 
receiving at the control node a request from the client for the session 
information. 

3. (Previously presented) The method of claim 1, further comprising, 
prior to receiving the request from the client to access the system node, 
registering the system node with a control node. 

4. (Previously presented) The method of claim 1 further comprising, 
prior to receiving the request from the client to access the system node, 
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providing a list of registered system nodes to the client, wherein the system 
node is selected at the client from the list of registered system nodes. 

5. (Original) The method of claim 1, further comprising notifying the 
system node when a message is received from the client at the data node. 

6. (Previously presented) The method of claim 5, further comprising 
establishing a second secure authenticated connection between the system node 
and the data node. 

7. (Previously presented) The method of claim 6, further comprising 
sending the message from the data node to the system node over the second 
secure authenticated connection between the system node and the data node. 

8. (Previously presented) A computer program product encoding 
computer programs for executing on a control node and a data node a computer 
process, the computer process comprising: 

generating session information at the control node in response to 
receiving a request from a client to access a system node and sending the 
session information to the client, the system node, and the data node if the 
client and system node satisfy at least one condition for accessing each other; 

receiving at the data node a request from the client to access the system 
node and a request from the system node to access the client; and 
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establishing a first secure authenticated connection between the client 
and the system node via the data node based at least in part on the session 
information. 

9. (Original) The computer program product of claim 8 wherein the 
computer process at the control node further comprises registering the system 
node. 

10. (Previously presented) The computer program product of claim 8 
wherein the computer process at the control node further comprises updating a 
client database at the control node with a dynamic network address for the 
system node on a recurring basis. 

1 1 . (Previously presented) The computer program product of claim 8 
wherein the computer process at the data node further comprises: 

notifying the system node when a message is received from the client at 
the data node; 

establishing a second secure authenticated connection between the 
system node and the data node; and 

sending the message from the data node to the system node over the 
second secure authenticated connection between the system node and the data 
node. 
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12. (Previously presented) A system for establishing a secure 
authenticated network connection between a client and a system node, 
comprising: 

a control node linked to the client and the system node, the control node 
providing the client and the system node with session information if the client 
and system node satisfy at least one condition for accessing each other; and 

a data node communicatively coupled to the control node, the data node 
receiving a request from the client to access the system node and a request from 
the system node to access the client and establishing a first secure authenticated 
connection between the client and the system node via the data node based at 
least in part on the session information. 

13. (Original) The system of claim 12 wherein the session information 
includes at least a network address for the system node. 

14. (Original) The system of claim 12 wherein the session information 
includes at least a dynamic network address for the system node. 

15. (Original) The system of claim 12 wherein the session information 
includes a status of the system node. 

16. (Previously presented) The system of claim 12 wherein a second 
secure authenticated connection between the data node and the system node is 
established in response to the data node receiving a message from the client. 
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17. (Original) The system of claim 12 further comprising a client 
database operatively associated with the control node, the client database 
including a data structure identifying system nodes registered with the control 
node. 

18. (Original) The system of claim 17 wherein the data structure 
identifies authorized users of the system nodes registered with the control node. 

19. (Original) The system of claim 12 further comprising a session 
database operatively associated with the data node, the session database storing 
the session information received from the control node. 

20. (Previously presented) The system of claim 19 wherein the session 
information for a client session is removed from the session database when the 
client session ends. 
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